Offensive Security Tools
Offensive security tools for penetration testing, red team exercises, exploit development, and ethical hacking activities.
Browse 246 offensive security tools
FEATURED
USE CASES
Dnscan is a DNS reconnaissance tool that performs DNS scans, DNS cache snooping, and DNS amplification attack detection.
A managed code hooking template for .NET assemblies, enabling API hooking, code injection, and runtime manipulation.
Darkarmour is an open-source Windows antivirus evasion framework that enables security professionals to bypass antivirus detection through customizable obfuscation and anti-analysis techniques.
CrossC2 is a cross-platform payload generator that extends CobaltStrike's capabilities to Linux and macOS environments for red team operations.
Covenant is a collaborative .NET command and control framework designed for red team operations and offensive security engagements.
CobaltBus integrates Cobalt Strike with Azure Service Bus to create covert C2 communication channels for red team operations.
Charlotte is an undetected C++ shellcode launcher for executing shellcode with stealth.
Chameleon aids in evading proxy categorization to bypass internet filters.
C3 is a framework by WithSecureLabs for rapid prototyping of custom command and control channels that integrates with existing offensive security toolkits.
A command line tool that generates randomized malleable C2 profiles for Cobalt Strike to vary command and control communication patterns.
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
An Azure Function that validates and relays Cobalt Strike beacon traffic based on Malleable C2 profile authentication.
RedELK is a SIEM tool designed for red teams to monitor and receive alerts about blue team detection activities during penetration testing engagements.
Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.
SharpShares efficiently enumerates and maps network shares and resolves names within a domain.
SharpEDRChecker scans system components to detect security products and tools.
SharpAppLocker is a C# tool that retrieves AppLocker application control policies from Windows systems, replicating the Get-AppLockerPolicy PowerShell cmdlet functionality.
Tool for enumerating proxy configurations and generating CobaltStrike-compatible shellcode.
A command that builds and executes command lines from standard input, allowing for the execution of commands with multiple arguments.
A collection of Python scripts for password spraying attacks against Lync/S4B & OWA, featuring Atomizer, Vaporizer, Aerosol, and Spindrift tools.
Parrot Security OS is a comprehensive, secure, and customizable operating system for cybersecurity professionals, offering over 600+ tools and utilities for red and blue team operations.
PyBOF is a Python library that enables in-memory loading and execution of Beacon Object Files (BOFs) with support for argument passing and function targeting.
Offensive Security Tools FAQ
Common questions about Offensive Security tools, selection guides, pricing, and comparisons.
Penetration testing evaluates specific systems or applications for vulnerabilities within a defined scope and timeframe. Red teaming simulates a real adversary with minimal restrictions, attempting to achieve specific objectives (access CEO email, exfiltrate customer data) using any attack vector: technical exploitation, social engineering, and physical access. Red teaming tests your entire security program, not just your technology.
